diff options
| -rw-r--r-- | provider_base/services/openvpn.json | 5 | ||||
| -rw-r--r-- | puppet/modules/site_openvpn/manifests/server_config.pp | 2 |
2 files changed, 4 insertions, 3 deletions
diff --git a/provider_base/services/openvpn.json b/provider_base/services/openvpn.json index e5b97ed9..04e19aa2 100644 --- a/provider_base/services/openvpn.json +++ b/provider_base/services/openvpn.json @@ -20,9 +20,10 @@ "unlimited_prefix": "= provider.ca.client_certificates.unlimited_prefix", "rate_limit": "= openvpn.allow_limited ? provider.service.bandwidth_limit : nil", "configuration": { - "tls-cipher": "TLS-DHE-RSA-WITH-AES-128-CBC-SHA", + "tls-cipher": "DHE-RSA-AES128-SHA", "auth": "SHA1", - "cipher": "AES-128-CBC" + "cipher": "AES-128-CBC", + "keepalive": "10 30" } } } diff --git a/puppet/modules/site_openvpn/manifests/server_config.pp b/puppet/modules/site_openvpn/manifests/server_config.pp index 6246a836..b1f4997c 100644 --- a/puppet/modules/site_openvpn/manifests/server_config.pp +++ b/puppet/modules/site_openvpn/manifests/server_config.pp @@ -115,7 +115,7 @@ define site_openvpn::server_config( server => $openvpn_configname; "keepalive ${openvpn_configname}": key => 'keepalive', - value => '5 20', + value => $config['keepalive'], server => $openvpn_configname; "local ${openvpn_configname}": key => 'local', |